Australia among top 5 target countries for ransomware attacks

According to research by Kaspersky Lab, Australia was the target of the highest number of ransomware attacks across the globe in Q3, 2016 and to date remains in the top 5 of target countries.While there’s an upward trend in the total amount of cyber attacks in general, Australia’s ‘culture of trust’ seems to make local internet users more lucrative victims for cyber criminals than those from other nationalities. “Because we’re geographically so far away, we think the risk is somehow lower,” says Kaspersky Lab’s Australian-based senior security researcher, Noushin Shabab.

The Iranian-born reverse engineering specialist is one of the latest - and only female - addition to Kaspersky’s Global Research & Analysis Team (GReAT) which has been brought into being to work on the most sophisticated attacks, and provide more in-depth research and understanding of constantly evolving cyber security threats. The team now has almost 50 members in 20 countries.

Shabab focuses predominantly on attacks aimed at Australian organisations and individuals. “What’s interesting here is that the majority of attacks are coming from other countries,” she says. “However in the case of ransomware these are not state sponsored attacks.” To date she hadn’t seen any Australians targeting Australians which doesn’t mean there are no local cyber criminals - they may just look for victims elsewhere.

The reason for the hike in ransomware attacks targeting Australian internet users is twofold. For one, we’re lucky enough to live in a very prosperous nation which will automatically spark the interest of cybercriminals. On the other hand, Australians also seem to be more likely to hand over a ransom to regain access to their data than others. “One of our recent studies shows that 37% of victims chose to pay the ransom,” Shabab says. The bad news is that one in five people who pay, still won’t get their files back.

“This is one of the key reasons why we strongly advise against paying ransomware,” Shabab explains. “There’s no guarantee that you will get your data back and you’re supporting the criminal activity of the attacker by complying to their demands.” What’s more, the chances of being targeted again become higher once a payment has been made.

To help ransomware victims regain access to their files, Kaspersky Lab is collaborating with the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and Intel Security on the No More Ransom initiative. Ransomware victims can upload the ransomware note to this site and will then be provided with a step by step guide to help them resolve the issue - this is of course dependant on there already being a solution for the particular attack. “Refusing to pay the ransom and increasing awareness for the issue is the most effective way to stop the proliferation of ransomware attacks in its tracks,” says Shabab.